Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Debugging VPN Concentrator

Hi all,

I have a 7206VXR which serves as a VPN concentrator. In fact, there are several dozens of VPNs defined on this machine. For some reason, a recently defined VPN doesn't reach the QM_IDLE state (it stops at MM_NO_STATE). Obviously, it doesn't work.

Every VPN is placed into different VRF so there is no connection among the tunnels. But it seems that the "debug crypto isakamp" command doesn't have any extension regarding VRFs or debugging a particular gateway. So running the "crypto isakamp" debug isn't quite helpful. The problem is that it gives every piece of information it can regarding all gateways and does not separate between them. So all I have it's a huge mess of a debug output.

How can I restrict the "crypto isakamp" debug to a particular gateway / VRF?

Alex.

2 REPLIES

Re: Debugging VPN Concentrator

Alex-

You can use an ACL for filtering debug. Here' a link. http://articles.techrepublic.com.com/5100-1035-5917591.html

HTH and please rate.

Community Member

Re: Debugging VPN Concentrator

Thank you guys,

I've found the answer:

Crypto Conditional Debug Support - http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_guide09186a00801a7586.html

Alex.

119
Views
0
Helpful
2
Replies
CreatePlease to create content